@deftai/directive-content 0.66.2 → 0.68.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.githooks/_deft-run.sh +40 -7
- package/.githooks/pre-commit +2 -0
- package/Taskfile.yml +11 -6
- package/UPGRADING.md +24 -0
- package/docs/agent-docs.md +44 -0
- package/package.json +1 -1
- package/packs/lessons/lessons-pack-0.1.json +17 -0
- package/packs/skills/skills-pack-0.1.json +57 -35
- package/scm/github.md +23 -0
- package/skills/deft-directive-gh-slice/SKILL.md +2 -0
- package/skills/deft-directive-pre-pr/SKILL.md +1 -0
- package/skills/deft-directive-refinement/SKILL.md +2 -0
- package/skills/deft-directive-swarm/SKILL.md +14 -1
- package/skills/deft-directive-sync/SKILL.md +22 -0
- package/tasks/engine.yml +26 -1
- package/tasks/pr.yml +29 -0
- package/tasks/session.yml +1 -1
- package/tasks/swarm.yml +16 -0
- package/tasks/triage-summary.yml +1 -1
- package/tasks/triage-welcome.yml +1 -1
- package/tasks/verify.yml +54 -6
- package/templates/agent-prompt-preamble.md +1 -1
- package/templates/agents-consumer-header.md +18 -0
- package/templates/agents-entry.md +19 -54
- package/templates/embed.go +6 -0
- package/templates/embed_test.go +27 -0
- package/tools/package-manager-network.md +29 -0
package/templates/embed_test.go
CHANGED
|
@@ -2,6 +2,7 @@ package templates
|
|
|
2
2
|
|
|
3
3
|
import (
|
|
4
4
|
"os"
|
|
5
|
+
"strings"
|
|
5
6
|
"testing"
|
|
6
7
|
)
|
|
7
8
|
|
|
@@ -34,3 +35,29 @@ func TestAgentsEntryNonEmpty(t *testing.T) {
|
|
|
34
35
|
t.Fatal("AgentsEntry is empty -- templates/agents-entry.md embed is broken")
|
|
35
36
|
}
|
|
36
37
|
}
|
|
38
|
+
|
|
39
|
+
// TestAgentsConsumerHeaderMatchesFile asserts the embedded consumer header equals
|
|
40
|
+
// templates/agents-consumer-header.md on disk (#2065).
|
|
41
|
+
func TestAgentsConsumerHeaderMatchesFile(t *testing.T) {
|
|
42
|
+
onDisk, err := os.ReadFile("agents-consumer-header.md")
|
|
43
|
+
if err != nil {
|
|
44
|
+
t.Fatalf("could not read templates/agents-consumer-header.md: %v", err)
|
|
45
|
+
}
|
|
46
|
+
if AgentsConsumerHeader != string(onDisk) {
|
|
47
|
+
t.Errorf("embedded AgentsConsumerHeader drift from templates/agents-consumer-header.md:\n"+
|
|
48
|
+
"embedded len=%d, on-disk len=%d",
|
|
49
|
+
len(AgentsConsumerHeader), len(onDisk))
|
|
50
|
+
}
|
|
51
|
+
}
|
|
52
|
+
|
|
53
|
+
func TestAgentsConsumerHeaderOmitsRetiredSections(t *testing.T) {
|
|
54
|
+
if strings.Contains(AgentsConsumerHeader, "## Status") {
|
|
55
|
+
t.Error("consumer header must not scaffold ## Status (#2065)")
|
|
56
|
+
}
|
|
57
|
+
if strings.Contains(AgentsConsumerHeader, "## Known Issues") {
|
|
58
|
+
t.Error("consumer header must not scaffold ## Known Issues (#2065)")
|
|
59
|
+
}
|
|
60
|
+
if !strings.Contains(AgentsConsumerHeader, "## Session orientation") {
|
|
61
|
+
t.Fatal("consumer header must include Session orientation pointer")
|
|
62
|
+
}
|
|
63
|
+
}
|
|
@@ -0,0 +1,29 @@
|
|
|
1
|
+
# Package-Manager Network Access (#2182)
|
|
2
|
+
|
|
3
|
+
Legend (from RFC2119): !=MUST, ~=SHOULD, ⊗=MUST NOT, ?=MAY.
|
|
4
|
+
|
|
5
|
+
**⚠️ See also**: [main.md](../../main.md) | [tools/taskfile.md](./taskfile.md) | [scm/github.md](../scm/github.md)
|
|
6
|
+
|
|
7
|
+
**Scope:** How Directive's own tooling (session ritual, doctor, read-only flows) treats npm/pnpm registry access as an explicit, security-sensitive, opt-in operation. Applies to Directive's own code, not to a consumer project's own build/install scripts.
|
|
8
|
+
|
|
9
|
+
## Why this exists
|
|
10
|
+
|
|
11
|
+
Directive runs against arbitrary repositories, including private monorepos with private package scopes, workspace dependencies, proxy configuration, and authenticated registries. If Directive silently invokes `npm`/`pnpm` during session startup or health checks, it may contact public or private registries, disclose package names/scopes/dependency-graph shape over the network, pick up unintended project/user registry configuration, or trip sandboxed network-approval prompts for work that never needed dependency resolution. Registry traffic itself is sensitive even when no secrets are printed.
|
|
12
|
+
|
|
13
|
+
## Rules
|
|
14
|
+
|
|
15
|
+
- ! Read-only, session-start, and session-ritual flows (`deft session:start`, `deft verify:session-ritual`, `deft verify:tools`) MUST perform no npm/pnpm registry access. Tool-presence probes MUST use PATH lookups (`which`/`accessSync`) or `--version` checks, never a subcommand that can resolve dependencies or query a registry.
|
|
16
|
+
- ! `deft doctor` MUST default to an OFFLINE tier: no check in the default run may contact an npm/pnpm registry. The one check that can (`payload-staleness`, which resolves the latest framework version via `git ls-remote` and falls back to `npm view <package> version`) is gated behind the explicit `--network` flag and is skipped by default with a pointer to that flag.
|
|
17
|
+
- ! Before a network-gated check runs, `deft doctor --network` MUST print a disclosure line naming the tool and registry class it may contact (e.g. "may contact your git remote and, as a fallback, the npm registry") BEFORE any network call is attempted.
|
|
18
|
+
- ! Any future doctor check, session step, or read-only command that needs to invoke `npm`/`pnpm` in a way that can reach a registry MUST follow the same pattern: explicit flag or subcommand, disclosed registry class before the call, and offline by default.
|
|
19
|
+
- ~ Where a package-manager operation is unavoidable in an explicitly-invoked flow (e.g. a release or install workflow that legitimately needs to fetch packages), prefer offline/frozen modes (`--offline`, `--prefer-offline`, `--frozen-lockfile`) when the operation only needs to validate local state rather than resolve fresh metadata.
|
|
20
|
+
- ⊗ MUST NOT invoke `npm`/`pnpm` subcommands that can contact a registry from any code path reachable by `session:start`, `verify:session-ritual`, `verify:tools`, or the default `deft doctor` invocation.
|
|
21
|
+
- ⊗ MUST NOT ship a new registry-reaching check without adding it to this doc and gating it the same way.
|
|
22
|
+
|
|
23
|
+
## Non-goals
|
|
24
|
+
|
|
25
|
+
This does not ban dependency installation or registry verification from explicit build/check/release workflows (e.g. `task build`, CI install steps) -- those are intentionally invoked and their network use is expected. It does not require supporting every private registry provider, and it does not replace npm/pnpm lockfile or provenance checks where they are intentionally invoked.
|
|
26
|
+
|
|
27
|
+
## Reference implementation
|
|
28
|
+
|
|
29
|
+
`packages/core/src/doctor/payload-staleness.ts` is the only code path in the TS engine that shells out to `npm` (`npm view`) or performs a git-remote network call for framework-currency checks; `packages/core/src/doctor/main.ts` gates it behind `--network` and prints the disclosure line first. `packages/core/src/session/session-start.ts` and `packages/core/src/verify-env/verify-tools.ts` perform no package-manager network access at all -- tool presence is resolved via PATH probing only.
|